The Contacts Sharing Application is made available by Portalis GmbH, Switzerland. In this document "we", "us" and "our" refers to this company and "Application" means this application.
Respecting and protecting the privacy of the Users is one of the rationale for this Application. This Privacy Policy document contains a comprehensive list of information that is collected and recorded by the Application and describes how we use it.
If you have additional questions or require more information about this Privacy Policy, do not hesitate to contact Us.
This Privacy Policy applies only to information submitted by the User in the context of this Application. It is an integral part of the End User Licence Agreement between the User and Us as described in the Terms and Conditions document.
Use of this Application is subject to registration via a mobile device. In order to register, the User must accept the Terms and Conditions. By registering with the Application the User explicitly agrees with the terms of our Privacy Policy.
According to the European Union's General Data Protection Regulation (GDPR) PII is any data that can be used to clearly identify an individual. Contact data include a number of data types that fall in the category of PII. For this reason it is important to make clear distinction between data that we store and information that we collect.
All contacts (payload) managed by this Application are encrypted on the User's mobile device. It can only be decrypted (revealed) by the User in possession of that device. Only encrypted data are transmitted to, and stored by Us. It is just like persisting data passing a TLS channel. Due to end-to-end encryption, the payload in our storage is not PII and thus unrelated to privacy considerations.
The Application identifies a User by email address (1). For email communication we ask the User for an alias (2) instead of the person's name. Finally, the Application will identify the mobile device by a unique Device Id (3).
Apart from the above data types, no more PII will be collected, stored or otherwise managed by the Application.
The User's email address will be used for authentication in combination with a password. The password itself is not stored in our storage. Authentication is required in order to protect PII on the User's mobile device from unauthorized use by third parties.
The User will receive an email notification triggered by certain events. For example, the registration to the Application must be confirmed by navigating to a URL enclosed in an email. The alias is used exclusively to address the User in an email.
The mobile device holds the encryption keys for all payload. The Device Id is used for peer-to-peer communication between individual devices of the User.
The Application follows a standard procedure of using log files. The logs do not contain any privacy or security relevant information. They are used exclusively for technical purposes.
Under the CCPA, among other rights, California consumers have the right to:
Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.
Request that a business delete any personal data about the consumer that a business has collected.
Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
Every User is entitled to the following:
The right to access - Users have the right to request copies of their personal data. we may charge a small fee for this service.
The right to rectification - Users have the right to request that we correct any information that might be inaccurate. Users also have the right to request that we complete the information that might be incomplete.
The right to erasure - Users have the right to request that we erase all personal data, under certain conditions.
The right to restrict processing - Users have the right to request that we restrict the processing of all personal data, under certain conditions.
The right to object to processing - Users have the right to object to our processing of all personal data, under certain conditions.
The right to data portability - Users have the right to request that we transfer the data that we have collected to another organization, or directly to the User, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
This policy is effective as of 9 June 2020.